Lucene search
+L

81 matches found

ptsecurity
ptsecurity
added 2025/11/05 12:0 a.m.3 views

PT-2025-46821

Name of the Vulnerable Software and Affected Versions pgAdmin versions prior to 9.9 Description The software is susceptible to an LDAP injection issue within the LDAP authentication process. An attacker can inject specific LDAP characters into the username field. This manipulation forces the...

7.8CVSS6.9AI score0.00396EPSS
Exploits0References32
ptsecurity
ptsecurity
added 2025/10/30 12:0 a.m.7 views

PT-2025-44508

Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1 Description The software contains a stored cross-site scripting XSS issue. An attacker can inject JavaScript code through a manipulated username that is stored and then displayed on admin or user-faci...

5.4CVSS5.6AI score0.00129EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2025/10/27 3:2 a.m.4 views

CVE-2025-12208 SourceCodester Best House Rental Management System admin_class.php login2 sql injection

A vulnerability was found in SourceCodester Best House Rental Management System 1.0. This impacts the function login2 of the file /adminclass.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been mad...

7.5CVSS6.8AI score0.00431EPSS
Exploits1References5
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-3801

Malware in sbrugna...

4.3CVSS6.4AI score0.01223EPSS
Exploits0References7
euvd
euvd
added 2025/10/07 12:30 a.m.1 views

EUVD-2010-2243

Malware in sbrugna...

4.3CVSS6AI score0.02478EPSS
Exploits0References17
euvd
euvd
added 2025/10/07 12:30 a.m.2 views

EUVD-2014-1059

Malware in sbrugna...

4.3CVSS6.4AI score0.01854EPSS
Exploits1References5
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-7628

Malware in sbrugna...

3.5CVSS6.4AI score0.00954EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/09/26 8:51 p.m.12 views

CVE-2025-10967

A vulnerability was detected in MuFen-mker PHP-Usermm up to 37f2d24e51b04346dfc565b93fc2fc6b37bdaea9. This affects an unknown part of the file /chkuser.php. Performing manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit is now public a...

7.5CVSS6.7AI score0.00302EPSS
Exploits0References1
osv
osv
added 2025/09/18 7:53 p.m.4 views

CVE-2025-59424 LinkAce Vulnerable to Stored XSS on the Audit Page

LinkAce is a self-hosted archive to collect website links. Prior to 2.3.1, a Stored Cross-Site Scripting XSS vulnerability has been identified on the /system/audit page. The application fails to properly sanitize the username field before it is rendered in the audit log. An authenticated attacker...

7.3CVSS5.1AI score0.00321EPSS
Exploits1References4
nvd
nvd
added 2025/08/31 6:15 p.m.3 views

CVE-2025-9739

A vulnerability has been found in Campcodes Online Water Billing System 1.0. Affected by this issue is some unknown functionality of the file /process.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

9.8CVSS0.00383EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2025/08/31 12:0 a.m.6 views

PT-2025-35431

Name of the Vulnerable Software and Affected Versions: Campcodes Online Learning Management System version 1.0 Description: A security flaw has been discovered in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code within the /admin/login.php file. Manipulatio...

9.8CVSS7.4AI score0.00383EPSS
Exploits1References13
githubexploit
githubexploit
added 2025/08/27 11:51 a.m.290 views

Exploit for CVE-2007-2447

CVE-2007-2447 Samba Exploit A Rust implementation of the CVE-...

6CVSS8.6AI score0.49759EPSS
Exploits17
osv
osv
added 2025/07/22 3:15 a.m.7 views

CVE-2025-7950

A vulnerability was found in code-projects Public Chat Room 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been...

9.8CVSS6.9AI score0.00525EPSS
Exploits1References5
osv
osv
added 2025/07/07 12:30 p.m.1 views

GHSA-PHHR-52QP-3MJ4 Transformers's Improper Input Validation vulnerability can be exploited through username injection

Hugging Face Transformers versions up to 4.49.0 are affected by an improper input validation vulnerability in the imageutils.py file. The vulnerability arises from insecure URL validation using the startswith method, which can be bypassed through URL username injection. This allows attackers to...

3.5CVSS6.7AI score0.00329EPSS
Exploits1References5
github
github
added 2025/07/07 12:30 p.m.3 views

Transformers's Improper Input Validation vulnerability can be exploited through username injection

Hugging Face Transformers versions up to 4.49.0 are affected by an improper input validation vulnerability in the imageutils.py file. The vulnerability arises from insecure URL validation using the startswith method, which can be bypassed through URL username injection. This allows attackers to...

3.5CVSS3.7AI score0.00329EPSS
Exploits1References5Affected Software1
huntr
huntr
added 2025/03/19 8:59 p.m.7 views

URL Parsing Issue

Repository: Hugging Face Transformers File: imageutils.py Line: 834 Code Snippet: if video.startswith"https://www.youtube.com" or video.startswith"http://www.youtube.com": Vulnerability Description: The current implementation checks if a video URL starts with "https://www.youtube.com" or...

3.5CVSS7.2AI score0.00329EPSS
Exploits1
ptsecurity
ptsecurity
added 2024/11/02 12:0 a.m.13 views

PT-2024-16473 · Unknown · Code-Projects Wazifa System

Name of the Vulnerable Software and Affected Versions: code-projects Wazifa System version 1.0 Description: A critical issue was found in the code-projects Wazifa System, affecting an unknown part of the file /controllers/logincontrol.php. The manipulation of the username argument leads to SQL...

9.8CVSS7.9AI score0.00663EPSS
Exploits1References12
osv
osv
added 2024/10/03 3:15 p.m.6 views

CVE-2024-9460

A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

9.8CVSS5.8AI score0.00692EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/06/20 12:0 a.m.4 views

Loan Management System SQL Injection Vulnerability

Loan Management System is a loan management system by razormist Personal Developer. A SQL injection vulnerability exists in itsourcecode Loan Management System version 1.0, which is caused by an unknown function in login.php in the component Login, which leads to SQL injection via the parameter...

9.8CVSS7.9AI score0.00614EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2023/07/16 12:0 a.m.6 views

PT-2023-25741 · Sourcecodester · Sourcecodester Insurance Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Life Insurance Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Life Insurance Management System. This issue affects the file login.php and is caused by the manipulation of the...

9.8CVSS7.5AI score0.00695EPSS
Exploits1References6
Rows per page
Query Builder